Identifying Threats Using Graph-based Anomaly Detection

William Eberle, Lawrence Holder and Diane Cook

Related
Book

View Related Documents

Book Chapter
Learning from Supervised Graphs
Joseph Potts, Diane J. Cook and Lawrence B. Holder
Studies in Computational Intelligence, 2007, Volume 52, Applied Graph Theory in Computer Vision and Pattern Recognition, Pages 183-201
- Download PDF (647.1 KB)
Book Chapter
Substructure Analysis of Metabolic Pathways by Graph-Based Relational Learning
Chang hun You, Lawrence B. Holder and Diane J. Cook
Studies in Computational Intelligence, 2009, Volume 224, Biomedical Data and Applications, Pages 237-261
- Download PDF (921.7 KB)
Book Chapter
Detecting Anomalies in Cargo Using Graph Properties
William Eberle and Lawrence Holder
Lecture Notes in Computer Science, 2006, Volume 3975, Intelligence and Security Informatics, Pages 728-730
- Download PDF (150.6 KB)
Book Chapter
HDB-Subdue: A Scalable Approach to Graph Mining
Srihari Padmanabhan and Sharma Chakravarthy
Lecture Notes in Computer Science, 2009, Volume 5691, Data Warehousing and Knowledge Discovery, Pages 325-338
- Download PDF (356.3 KB)
Book Chapter
Selecting Computer Architectures by Means of Control-Flow-Graph Mining
Frank Eichinger and Klemens Böhm
Lecture Notes in Computer Science, 2009, Volume 5772, Advances in Intelligent Data Analysis VIII, Pages 309-320
- Download PDF (218.3 KB)
Book Chapter
How and Why Pattern Recognition and Computer Vision Applications Use Graphs
Donatello Conte, Pasquale Foggia, Carlo Sansone and Mario Vento
Studies in Computational Intelligence, 2007, Volume 52, Applied Graph Theory in Computer Vision and Pattern Recognition, Pages 85-135
- Download PDF (1.5 MB)
Book Chapter
Enhanced DB-Subdue: Supporting Subtle Aspects of Graph Mining Using a Relational Approach
Ramanathan Balachandran, Srihari Padmanabhan and Sharma Chakravarthy
Lecture Notes in Computer Science, 2006, Volume 3918, Advances in Knowledge Discovery and Data Mining, Pages 673-678
- Download PDF (153.7 KB)
Journal Article
Teaching performance norms in academia
John M. Braxton, Alan E. Bayer and Martin J. Finkelstein
Research in Higher Education, 1992, Volume 33, Number 5, Pages 533-569
- Download PDF (1.9 MB)
Journal Article
Psychiatric disorders during adolescence and relationships with peers from age 17 to age 27
Henian Chen, Patricia Cohen, Jeffrey G. Johnson and Stephanie Kasen
Social Psychiatry and Psychiatric Epidemiology, 2009, Volume 44, Number 3, Pages 223-230
- Download PDF (265.0 KB)
- View HTML
Journal Article
Europäische Konvergenzen: Zur Restitution von Staatsangehörigkeit in Deutschland, Frankreich und Großbritannien
Christine Weinbach
Berliner Journal für Soziologie, 2005, Volume 15, Number 2, Pages 199-218
- Download PDF (272.6 KB)

Abstract

Much of the data collected during the monitoring of cyber and other infrastructures is structural in nature, consisting of various types of entities and relationships between them. The detection of threatening anomalies in such data is crucial to protecting these infrastructures. We present an approach to detecting anomalies in a graph-based representation of such data that explicitly represents these entities and relationships. The approach consists of first finding normative patterns in the data using graph-based data mining and then searching for small, unexpected deviations to these normative patterns, assuming illicit behavior tries to mimic legitimate, normative behavior. The approach is evaluated using several synthetic and real-world datasets. Results show that the approach has high truepositive rates, low false-positive rates, and is capable of detecting complex structural anomalies in real-world domains including email communications, cellphone calls and network traffic.

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

Identifying Threats Using Graph-based Anomaly Detection

View Related Documents

Abstract

Fulltext Preview